CVE-2024-2929

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 26, 2024
CWE ID 119

Summary

CVE-2024-2929 is a memory corruption vulnerability in Rockwell Automation Arena Simulation software, affecting the confidentiality, integrity, and availability of the product. This vulnerability could allow a malicious user to insert unauthorized code by corrupting the memory, triggering an access violation. Once inside, the threat actor can run harmful code on the system. The vulnerability requires the user to unknowingly open a malicious file shared by the threat actor. Remediation for this vulnerability is not mentioned in the provided information.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share